1. Technical Field
The present invention relates in general to data encryption and in particular to securing data transfers over unsecured channels of communications. Still more particularly, the present invention relates to practical implementation of unbreakable data encryption through one-time use of pure random numbers.
2. Description of the Related Art
Sensitive data transfers are increasingly occurring over networks which are unsecured, such as the Internet or cellular telephone networks. By their nature, the medium by which data transfers are made in such networks must be openly accessible and/or shared, leaving transactions susceptible to interception. The only available alternative for securing data transfers over such networks thus becomes data encryption.
A variety of data encryption schemes have been developed and are implemented for data transfers over networks of the type described. For example, many data encoding schemes employ a reversible encryption algorithm modeled after the Data Encryption Standard (DES). Other data encoding schemes, used alone or in conjunction with DES, employ a combination of public and private keys to encrypt data, such as the Rivest-Shamir-Aldeman (RSA) encryption system used in many commercial software packages. These encoding schemes utilize pseudo-random numbers, or number sequences having a high degree of randomness.
The only encryption system currently recognized as being unconditionally secure is the “one-time pad,” also known as a Vernam cipher, developed by Gilbert S. Vernam while working for AT&T in 1917. When properly implemented, the one-time pad encryption mechanism is generally recognized by cryptographic experts to be the only known unbreakable encoding scheme. Other encryption systems are considered cryptographically secure, meaning that the costs associated with breaking the code by pure mathematical methods and extensive computation are very high, although the code can theoretically be broken if enough computing power could be brought to bear. One-time pads are unconditionally secure, meaning that any amount of analysis and computing power is insufficient because there is no pattern in the data.
The two key characteristics of the one-time pad concept which must be adhered to for encryption with a one-time pad to be unconditionally secure are pure randomness and one-time use. Pure randomness is thought to occur in the timing of radioactive decay and in the arrival of cosmic background radiation. The present invention employs one or both of the above sources passed through a cryptographically strong one-way function as the source of random values. Furthermore, the present invention requires that the random sequences thus generated are never intentionally used in more than one embodiment.
Although recognized as being mathematically unbreakable, the one time pad is conventionally considered not to be commercially practical. The reason is principally convenience, since the security of the system requires that the contents of the one-time pad be known only to the proper encrypting and decrypting entities. This requires secure distribution of the one-time pads. Furthermore, the one-time pad, when properly employed, requires large amounts of pure random data for the encryption/decryption values which, by definition, may be used only once. Additionally, since the one-time pad contains only a finite number of random numbers for encryption, replacement of the one-time pad is inevitably required. Finally, the one-time pad encryption method is less ideally suited for encryption of long, variable length messages than alternative, less secure encryption schemes. For these reasons, one-time pads have not been employed up to this time in actual encryption systems for commercial applications, such as banking, cellular telephony, etc.
There do exist classes of problems, however, for which the one-time pad could provide unconditionally secure encryption on a commercial basis. It would be desirable, therefore, to provide a method and apparatus for employing one-time pads in commercial applications requiring encryption of data for transfer over unsecured networks. It would further be advantageous to provide an implementation of one-time pads which could be readily adapted to a variety of commercial data encryption requirements.